Enabling sending icmp error messages, Dhcp snooping support for option 82, Dhcp snooping configuration task list – H3C Technologies H3C S12500-X Series Switches User Manual
Page 112
101
Step Command
Remarks
2.
Configure TCP
timers.
•
Configure the TCP SYN wait timer:
tcp timer syn-timeout time-value
•
Configure the TCP FIN wait timer:
tcp timer fin-timeout time-value
By default:
•
The TCP SYN wait timer is 75
seconds.
•
The TCP FIN wait timer is 675
seconds.
Enabling sending ICMP error messages
Perform this task to enable sending ICMP error messages, including redirect, time-exceeded, and
destination unreachable messages.
•
ICMP redirect messages
A host that has only one default route sends all packets to the default gateway. The default
gateway sends an ICMP redirect message to inform the host of a correct next hop by following
these rules:
{
The receiving and sending interfaces are the same.
{
The selected route is not created or modified by any ICMP redirect messages.
{
The selected route is not destined for 0.0.0.0.
{
There is no source route option in the received packet.
ICMP redirect messages simplify host management and enable hosts to gradually optimize their
routing table.
•
ICMP time-exceeded messages
A device sends ICMP time-exceeded messages by following these rules:
{
If a received packet is not destined for the device and the TTL field of the packet is 1, the device
sends an ICMP TTL Expired in Transit message to the source.
{
When the device receives the first fragment of an IP datagram destined for it, it starts a timer. If
the timer expires before all the fragments of the datagram are received, the device sends an
ICMP Fragment Reassembly Timeout message to the source.
•
ICMP destination unreachable messages
A device sends ICMP destination unreachable messages by following these rules:
{
If a packet does not match any route and there is no default route in the routing table, the device
sends a Network Unreachable ICMP error message to the source.
{
If a packet is destined for the device but the transport layer protocol of the packet is not
supported by the device, the device sends a Protocol Unreachable ICMP error message to the
source.
NOTE:
If a DHCP enabled device receives an ICMP echo reply without sending any ICMP echo requests,
the device does not send any Protocol Unreachable ICMP error messages to the source. For more
information about DHCP, see
Layer 3—IP Services Configuration Guide.
{
If a UDP packet is destined for the device but the packet's port number does not match the
corresponding process, the device sends the source a Port Unreachable ICMP error message.